Resources

Open WebMail Multiple Content Header XSS

This script is Copyright (C) 2004-2015 George A. Theall

Synopsis :

A remote web application may be vulnerable to cross-site scripting.

Description :

The target is running at least one instance of Open WebMail whose
version is 2.32 or earlier. Such versions are vulnerable to a cross-
site scripting attack whereby an attacker can cause a victim to
unknowingly run arbitrary JavaScript code by reading a MIME message
with a specially crafted Content-Type or Content-Description header.
For further information, see :

Contact

The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.